Skip to main content

Key Manager Installation Task Flow

  1. If you are deploying the Key Manager system for the first time, it is recommended that you read Planning the Key Manager System Deployment before setting up any system components.

  2. To deploy the Key Manager system to a corporate production environment, first set up the minimum required system components:

    • Set up a remote database where Key Manager can store key management data.

    • Set up a Key Manager back end to run the management engine. Key Manager back ends are responsible for running key management jobs on the hosts in the managed environment.

    • Set up a Key Manager front end to enable administrative-interface services, such as the Key Manager Graphical User Interface (GUI), RESTful API, and the command-line client.

    For more information about installing Key Manager system components, see Setting Up Key Manager Servers.

  3. Key Manager agents must be installed on those hosts that you want to manage using agent-based management connections. You do not need to install Key Manager agents on the hosts that are to be managed using agentless connections. To determine the management mode that suits you the best, refer to the comparison of supported management connections in Choosing the Best Management Connection Key Manager agent installation instructions are provided in Setting Up Key Manager Agents.

  4. After the minimum required components have been set up successfully, you can begin to use Key Manager to manage your SSH key environment. To enable high-availability and to facilitate improved load balancing, you can expand your Key Manager deployment:

    • Set up additional Key Manager back ends for load balancing and high-availability of key management services, based on the characteristics of your environment.

    • Set up additional Key Manager front ends for high-availability of administrative-interface services.

  5. New versions of the product — including new functionality, security fixes, and workflow improvements — are released regularly. Procedures for upgrading an existing Key Manager system to a new version is described in Upgrading the Key Manager System.